diff --git a/docs/helpers/env_vars.yaml b/docs/helpers/env_vars.yaml index 008cc1023..080db827f 100644 --- a/docs/helpers/env_vars.yaml +++ b/docs/helpers/env_vars.yaml @@ -3417,6 +3417,15 @@ FRONTEND_CHECKSUMS_SUPPORTED_TYPES: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +FRONTEND_CONFIGURABLE_NOTIFICATIONS: + name: FRONTEND_CONFIGURABLE_NOTIFICATIONS + defaultValue: "false" + type: bool + description: Allow configuring notifications via web client. + introductionVersion: "7.1" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" FRONTEND_CORS_ALLOW_CREDENTIALS: name: OCIS_CORS_ALLOW_CREDENTIALS;FRONTEND_CORS_ALLOW_CREDENTIALS defaultValue: "false" @@ -3840,7 +3849,8 @@ FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD: deprecationVersion: "" removalVersion: "" deprecationInfo: FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated - | | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated + | | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | + FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" @@ -3852,6 +3862,7 @@ FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: removalVersion: "" deprecationInfo: FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, + the OCS API is deprecated | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated FRONTEND_OCS_SHARE_PREFIX: name: FRONTEND_OCS_SHARE_PREFIX @@ -5330,7 +5341,8 @@ GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE: deprecationVersion: "" removalVersion: "" deprecationInfo: LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | | - LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency + LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | LDAP_USER_SCHEMA_DISPLAY_NAME + changing name for consistency GRAPH_LDAP_USER_EMAIL_ATTRIBUTE: name: OCIS_LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE defaultValue: mail @@ -7097,7 +7109,8 @@ LDAP_USER_SCHEMA_DISPLAY_NAME: deprecationVersion: "" removalVersion: "" deprecationInfo: LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | | - LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency + LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | LDAP_USER_SCHEMA_DISPLAY_NAME + changing name for consistency LDAP_USER_SUBSTRING_FILTER_TYPE: name: LDAP_USER_SUBSTRING_FILTER_TYPE;USERS_LDAP_USER_SUBSTRING_FILTER_TYPE defaultValue: any @@ -7547,6 +7560,76 @@ NOTIFICATIONS_SMTP_USERNAME: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +NOTIFICATIONS_STORE: + name: OCIS_PERSISTENT_STORE;NOTIFICATIONS_STORE + defaultValue: nats-js-kv + type: string + description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'', + ''redis-sentinel'', ''noop''. See the text description for details.' + introductionVersion: "7.1" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_STORE_AUTH_PASSWORD: + name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;NOTIFICATIONS_STORE_AUTH_PASSWORD + defaultValue: "" + type: string + description: The password to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "7.1" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_STORE_AUTH_USERNAME: + name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;NOTIFICATIONS_STORE_AUTH_USERNAME + defaultValue: "" + type: string + description: The username to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. + introductionVersion: "7.1" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_STORE_DATABASE: + name: NOTIFICATIONS_STORE_DATABASE + defaultValue: notifications + type: string + description: The database name the configured store should use. + introductionVersion: "7.1" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_STORE_NODES: + name: OCIS_PERSISTENT_STORE_NODES;NOTIFICATIONS_STORE_NODES + defaultValue: '[127.0.0.1:9233]' + type: '[]string' + description: A list of nodes to access the configured store. This has no effect + when 'memory' store is configured. Note that the behaviour how nodes are used + is dependent on the library of the configured store. See the Environment Variable + Types description for more details. + introductionVersion: "7.1" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_STORE_TABLE: + name: NOTIFICATIONS_STORE_TABLE + defaultValue: "" + type: string + description: The database table the store should use. + introductionVersion: "7.1" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" +NOTIFICATIONS_STORE_TTL: + name: OCIS_PERSISTENT_STORE_TTL;NOTIFICATIONS_STORE_TTL + defaultValue: 336h0m0s + type: Duration + description: Time to live for notifications in the store. Defaults to '336h' (2 + weeks). See the Environment Variable Types description for more details. + introductionVersion: "7.1" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" NOTIFICATIONS_TRACING_COLLECTOR: name: OCIS_TRACING_COLLECTOR;NOTIFICATIONS_TRACING_COLLECTOR defaultValue: "" @@ -7910,12 +7993,12 @@ OCDAV_WEBDAV_NAMESPACE: removalVersion: "" deprecationInfo: "" OCIS_ADMIN_USER_ID: - name: OCIS_ADMIN_USER_ID;STORAGE_USERS_PURGE_TRASH_BIN_USER_ID + name: OCIS_ADMIN_USER_ID;IDM_ADMIN_USER_ID defaultValue: "" type: string - description: ID of the user who collects all necessary information for deletion. - Consider that the UUID can be encoded in some LDAP deployment configurations like - in .ldif files. These need to be decoded beforehand. + description: ID of the user that should receive admin privileges. Consider that + the UUID can be encoded in some LDAP deployment configurations like in .ldif files. + These need to be decoded beforehand. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -7931,7 +8014,7 @@ OCIS_ASSET_THEMES_PATH: removalVersion: "" deprecationInfo: "" OCIS_ASYNC_UPLOADS: - name: OCIS_ASYNC_UPLOADS + name: OCIS_ASYNC_UPLOADS;SEARCH_EVENTS_ASYNC_UPLOADS defaultValue: "true" type: bool description: Enable asynchronous file uploads. @@ -7940,28 +8023,28 @@ OCIS_ASYNC_UPLOADS: removalVersion: "" deprecationInfo: "" OCIS_CACHE_AUTH_PASSWORD: - name: OCIS_CACHE_AUTH_PASSWORD;STORAGE_USERS_ID_CACHE_AUTH_PASSWORD + name: OCIS_CACHE_AUTH_PASSWORD;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_PASSWORD defaultValue: "" type: string - description: The password to authenticate with the cache store. Only applies when - store type 'nats-js-kv' is configured. + description: The password to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_AUTH_USERNAME: - name: OCIS_CACHE_AUTH_USERNAME;STORAGE_USERS_ID_CACHE_AUTH_USERNAME + name: OCIS_CACHE_AUTH_USERNAME;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_AUTH_USERNAME defaultValue: "" type: string - description: The username to authenticate with the cache store. Only applies when - store type 'nats-js-kv' is configured. + description: The username to authenticate with the store. Only applies when store + type 'nats-js-kv' is configured. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_DATABASE: name: OCIS_CACHE_DATABASE - defaultValue: ids-storage-users + defaultValue: cache-userinfo type: string description: The database name the configured store should use. introductionVersion: pre5.0 @@ -7969,51 +8052,49 @@ OCIS_CACHE_DATABASE: removalVersion: "" deprecationInfo: "" OCIS_CACHE_DISABLE_PERSISTENCE: - name: OCIS_CACHE_DISABLE_PERSISTENCE;STORAGE_USERS_ID_CACHE_DISABLE_PERSISTENCE - defaultValue: "false" + name: OCIS_CACHE_DISABLE_PERSISTENCE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_DISABLE_PERSISTENCE + defaultValue: "true" type: bool - description: Disables persistence of the cache. Only applies when store type 'nats-js-kv' - is configured. Defaults to false. + description: Disables persistence of the store. Only applies when store type 'nats-js-kv' + is configured. Defaults to true. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_STORE: - name: OCIS_CACHE_STORE;STORAGE_USERS_ID_CACHE_STORE - defaultValue: memory + name: OCIS_CACHE_STORE;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE + defaultValue: nats-js-kv type: string - description: 'The type of the cache store. Supported values are: ''memory'', ''redis-sentinel'', - ''nats-js-kv'', ''noop''. See the text description for details.' - introductionVersion: pre5.0 + description: 'The type of the signing key store. Supported values are: ''redis-sentinel'', + ''nats-js-kv'' and ''ocisstoreservice'' (deprecated). See the text description + for details.' + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_STORE_NODES: - name: OCIS_CACHE_STORE_NODES;STORAGE_USERS_ID_CACHE_STORE_NODES + name: OCIS_CACHE_STORE_NODES;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' - description: A list of nodes to access the configured store. This has no effect - when 'memory' store is configured. Note that the behaviour how nodes are used - is dependent on the library of the configured store. See the Environment Variable - Types description for more details. - introductionVersion: pre5.0 + description: A list of nodes to access the configured store. Note that the behaviour + how nodes are used is dependent on the library of the configured store. See the + Environment Variable Types description for more details. + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CACHE_TTL: - name: OCIS_CACHE_TTL;STORAGE_USERS_ID_CACHE_TTL - defaultValue: 24m0s + name: OCIS_CACHE_TTL;PROXY_PRESIGNEDURL_SIGNING_KEYS_STORE_TTL + defaultValue: 12h0m0s type: Duration - description: Default time to live for user info in the user info cache. Only applied - when access tokens have no expiration. Defaults to 300s which is derived from - the underlaying package though not explicitly set as default. See the Environment - Variable Types description for more details. - introductionVersion: pre5.0 + description: Default time to live for signing keys. See the Environment Variable + Types description for more details. + introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_CREDENTIALS: - name: OCIS_CORS_ALLOW_CREDENTIALS;STORAGE_USERS_CORS_ALLOW_CREDENTIALS + name: OCIS_CORS_ALLOW_CREDENTIALS;WEBFINGER_CORS_ALLOW_CREDENTIALS defaultValue: "false" type: bool description: 'Allow credentials for CORS.See following chapter for more details: @@ -8023,10 +8104,8 @@ OCIS_CORS_ALLOW_CREDENTIALS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_HEADERS: - name: OCIS_CORS_ALLOW_HEADERS;STORAGE_USERS_CORS_ALLOW_HEADERS - defaultValue: '[Authorization Origin X-Requested-With X-Request-Id X-HTTP-Method-Override - Content-Type Upload-Length Upload-Offset Tus-Resumable Upload-Metadata Upload-Defer-Length - Upload-Concat Upload-Incomplete Upload-Draft-Interop-Version]' + name: OCIS_CORS_ALLOW_HEADERS;WEBFINGER_CORS_ALLOW_HEADERS + defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. @@ -8036,8 +8115,8 @@ OCIS_CORS_ALLOW_HEADERS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_METHODS: - name: OCIS_CORS_ALLOW_METHODS;STORAGE_USERS_CORS_ALLOW_METHODS - defaultValue: '[POST HEAD PATCH OPTIONS GET DELETE]' + name: OCIS_CORS_ALLOW_METHODS;WEBFINGER_CORS_ALLOW_METHODS + defaultValue: '[]' type: '[]string' description: 'A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. @@ -8047,7 +8126,7 @@ OCIS_CORS_ALLOW_METHODS: removalVersion: "" deprecationInfo: "" OCIS_CORS_ALLOW_ORIGINS: - name: OCIS_CORS_ALLOW_ORIGINS;STORAGE_USERS_CORS_ALLOW_ORIGINS + name: OCIS_CORS_ALLOW_ORIGINS;WEBFINGER_CORS_ALLOW_ORIGINS defaultValue: '[https://localhost:9200]' type: '[]string' description: 'A list of allowed CORS origins. See following chapter for more details: @@ -8143,7 +8222,7 @@ OCIS_DISABLE_VERSIONING: removalVersion: "" deprecationInfo: "" OCIS_EDITION: - name: OCIS_EDITION;OCDAV_EDITION + name: OCIS_EDITION;FRONTEND_EDITION defaultValue: Community type: string description: Edition of oCIS. Used for branding purposes. @@ -8161,16 +8240,16 @@ OCIS_EMAIL_TEMPLATE_PATH: removalVersion: "" deprecationInfo: "" OCIS_ENABLE_OCM: - name: OCIS_ENABLE_OCM;GRAPH_INCLUDE_OCM_SHAREES + name: OCIS_ENABLE_OCM;FRONTEND_OCS_INCLUDE_OCM_SHAREES defaultValue: "false" type: bool - description: Include OCM sharees when listing users. + description: Include OCM sharees when listing sharees. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_EVENTS_AUTH_PASSWORD: - name: OCIS_EVENTS_AUTH_PASSWORD;STORAGE_USERS_EVENTS_AUTH_PASSWORD + name: OCIS_EVENTS_AUTH_PASSWORD;AUDIT_EVENTS_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the events broker. The events broker @@ -8180,7 +8259,7 @@ OCIS_EVENTS_AUTH_PASSWORD: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_AUTH_USERNAME: - name: OCIS_EVENTS_AUTH_USERNAME;STORAGE_USERS_EVENTS_AUTH_USERNAME + name: OCIS_EVENTS_AUTH_USERNAME;AUDIT_EVENTS_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the events broker. The events broker @@ -8190,7 +8269,7 @@ OCIS_EVENTS_AUTH_USERNAME: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_CLUSTER: - name: OCIS_EVENTS_CLUSTER;STORAGE_USERS_EVENTS_CLUSTER + name: OCIS_EVENTS_CLUSTER;AUDIT_EVENTS_CLUSTER defaultValue: ocis-cluster type: string description: The clusterID of the event system. The event system is the message @@ -8201,7 +8280,7 @@ OCIS_EVENTS_CLUSTER: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_ENABLE_TLS: - name: OCIS_EVENTS_ENABLE_TLS;STORAGE_USERS_EVENTS_ENABLE_TLS + name: OCIS_EVENTS_ENABLE_TLS;AUDIT_EVENTS_ENABLE_TLS defaultValue: "false" type: bool description: Enable TLS for the connection to the events broker. The events broker @@ -8211,7 +8290,7 @@ OCIS_EVENTS_ENABLE_TLS: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_ENDPOINT: - name: OCIS_EVENTS_ENDPOINT;STORAGE_USERS_EVENTS_ENDPOINT + name: OCIS_EVENTS_ENDPOINT;AUDIT_EVENTS_ENDPOINT defaultValue: 127.0.0.1:9233 type: string description: The address of the event system. The event system is the message queuing @@ -8221,21 +8300,21 @@ OCIS_EVENTS_ENDPOINT: removalVersion: "" deprecationInfo: "" OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE: - name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;STORAGE_USERS_EVENTS_TLS_ROOT_CA_CERTIFICATE + name: OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE;AUDIT_EVENTS_TLS_ROOT_CA_CERTIFICATE defaultValue: "" type: string description: The root CA certificate used to validate the server's TLS certificate. - If provided STORAGE_USERS_EVENTS_TLS_INSECURE will be seen as false. + If provided AUDIT_EVENTS_TLS_INSECURE will be seen as false. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_GATEWAY_GRPC_ADDR: - name: OCIS_GATEWAY_GRPC_ADDR;STORAGE_USERS_GATEWAY_GRPC_ADDR + name: OCIS_GATEWAY_GRPC_ADDR;GATEWAY_GRPC_ADDR defaultValue: 127.0.0.1:9142 type: string - description: The bind address of the gateway GRPC address. - introductionVersion: "5.0" + description: The bind address of the GRPC service. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8263,11 +8342,11 @@ OCIS_GRPC_CLIENT_TLS_MODE: removalVersion: "" deprecationInfo: "" OCIS_GRPC_PROTOCOL: - name: OCIS_GRPC_PROTOCOL;STORAGE_USERS_GRPC_PROTOCOL + name: OCIS_GRPC_PROTOCOL;COLLABORATION_GRPC_PROTOCOL defaultValue: "" type: string - description: The transport protocol of the GPRC service. - introductionVersion: pre5.0 + description: The transport protocol of the GRPC service. + introductionVersion: 7.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8303,7 +8382,7 @@ OCIS_HTTP_TLS_KEY: removalVersion: "" deprecationInfo: "" OCIS_INSECURE: - name: OCIS_INSECURE;STORAGE_USERS_EVENTS_TLS_INSECURE + name: OCIS_INSECURE;AUDIT_EVENTS_TLS_INSECURE defaultValue: "false" type: bool description: Whether to verify the server TLS certificates. @@ -8312,7 +8391,7 @@ OCIS_INSECURE: removalVersion: "" deprecationInfo: "" OCIS_JWT_SECRET: - name: OCIS_JWT_SECRET;STORAGE_USERS_JWT_SECRET + name: OCIS_JWT_SECRET;COLLABORATION_JWT_SECRET defaultValue: "" type: string description: The secret to mint and validate jwt tokens. @@ -8321,7 +8400,7 @@ OCIS_JWT_SECRET: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_BASE_PATH: - name: OCIS_KEYCLOAK_BASE_PATH;GRAPH_KEYCLOAK_BASE_PATH + name: OCIS_KEYCLOAK_BASE_PATH;INVITATIONS_KEYCLOAK_BASE_PATH defaultValue: "" type: string description: The URL to access keycloak. @@ -8330,16 +8409,16 @@ OCIS_KEYCLOAK_BASE_PATH: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_ID: - name: OCIS_KEYCLOAK_CLIENT_ID;GRAPH_KEYCLOAK_CLIENT_ID + name: OCIS_KEYCLOAK_CLIENT_ID;INVITATIONS_KEYCLOAK_CLIENT_ID defaultValue: "" type: string - description: The client id to authenticate with keycloak. + description: The client ID to authenticate with keycloak. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_REALM: - name: OCIS_KEYCLOAK_CLIENT_REALM;GRAPH_KEYCLOAK_CLIENT_REALM + name: OCIS_KEYCLOAK_CLIENT_REALM;INVITATIONS_KEYCLOAK_CLIENT_REALM defaultValue: "" type: string description: The realm the client is defined in. @@ -8348,7 +8427,7 @@ OCIS_KEYCLOAK_CLIENT_REALM: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_CLIENT_SECRET: - name: OCIS_KEYCLOAK_CLIENT_SECRET;GRAPH_KEYCLOAK_CLIENT_SECRET + name: OCIS_KEYCLOAK_CLIENT_SECRET;INVITATIONS_KEYCLOAK_CLIENT_SECRET defaultValue: "" type: string description: The client secret to use in authentication. @@ -8357,7 +8436,7 @@ OCIS_KEYCLOAK_CLIENT_SECRET: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY: - name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;GRAPH_KEYCLOAK_INSECURE_SKIP_VERIFY + name: OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY;INVITATIONS_KEYCLOAK_INSECURE_SKIP_VERIFY defaultValue: "false" type: bool description: Disable TLS certificate validation for Keycloak connections. Do not @@ -8367,7 +8446,7 @@ OCIS_KEYCLOAK_INSECURE_SKIP_VERIFY: removalVersion: "" deprecationInfo: "" OCIS_KEYCLOAK_USER_REALM: - name: OCIS_KEYCLOAK_USER_REALM;GRAPH_KEYCLOAK_USER_REALM + name: OCIS_KEYCLOAK_USER_REALM;INVITATIONS_KEYCLOAK_USER_REALM defaultValue: "" type: string description: The realm users are defined. @@ -8376,8 +8455,8 @@ OCIS_KEYCLOAK_USER_REALM: removalVersion: "" deprecationInfo: "" OCIS_LDAP_BIND_DN: - name: OCIS_LDAP_BIND_DN;GRAPH_LDAP_BIND_DN - defaultValue: uid=libregraph,ou=sysusers,o=libregraph-idm + name: OCIS_LDAP_BIND_DN;IDP_LDAP_BIND_DN + defaultValue: uid=idp,ou=sysusers,o=libregraph-idm type: string description: LDAP DN to use for simple bind authentication with the target LDAP server. @@ -8386,7 +8465,7 @@ OCIS_LDAP_BIND_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_BIND_PASSWORD: - name: OCIS_LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD + name: OCIS_LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD defaultValue: "" type: string description: Password to use for authenticating the 'bind_dn'. @@ -8395,12 +8474,12 @@ OCIS_LDAP_BIND_PASSWORD: removalVersion: "" deprecationInfo: "" OCIS_LDAP_CACERT: - name: OCIS_LDAP_CACERT;GRAPH_LDAP_CACERT + name: OCIS_LDAP_CACERT;IDP_LDAP_TLS_CACERT defaultValue: /var/lib/ocis/idm/ldap.crt type: string description: Path/File name for the root CA certificate (in PEM format) used to validate TLS server certificates of the LDAP service. If not defined, the root - directory derives from $OCIS_BASE_DATA_PATH/idm. + directory derives from $OCIS_BASE_DATA_PATH/idp. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -8457,7 +8536,7 @@ OCIS_LDAP_GROUP_OBJECTCLASS: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME: - name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;USERS_LDAP_GROUP_SCHEMA_DISPLAYNAME + name: OCIS_LDAP_GROUP_SCHEMA_DISPLAYNAME;AUTH_BASIC_LDAP_GROUP_SCHEMA_DISPLAYNAME defaultValue: cn type: string description: LDAP Attribute to use for the displayname of groups (often the same @@ -8497,7 +8576,7 @@ OCIS_LDAP_GROUP_SCHEMA_ID_IS_OCTETSTRING: removalVersion: "" deprecationInfo: "" OCIS_LDAP_GROUP_SCHEMA_MAIL: - name: OCIS_LDAP_GROUP_SCHEMA_MAIL;USERS_LDAP_GROUP_SCHEMA_MAIL + name: OCIS_LDAP_GROUP_SCHEMA_MAIL;AUTH_BASIC_LDAP_GROUP_SCHEMA_MAIL defaultValue: mail type: string description: LDAP Attribute to use for the email address of groups (can be empty). @@ -8525,7 +8604,7 @@ OCIS_LDAP_GROUP_SCOPE: removalVersion: "" deprecationInfo: "" OCIS_LDAP_INSECURE: - name: OCIS_LDAP_INSECURE;GRAPH_LDAP_INSECURE + name: OCIS_LDAP_INSECURE;IDP_INSECURE defaultValue: "false" type: bool description: Disable TLS certificate validation for the LDAP connections. Do not @@ -8535,7 +8614,7 @@ OCIS_LDAP_INSECURE: removalVersion: "" deprecationInfo: "" OCIS_LDAP_SERVER_WRITE_ENABLED: - name: OCIS_LDAP_SERVER_WRITE_ENABLED;GRAPH_LDAP_SERVER_WRITE_ENABLED + name: OCIS_LDAP_SERVER_WRITE_ENABLED;FRONTEND_LDAP_SERVER_WRITE_ENABLED defaultValue: "true" type: bool description: Allow creating, modifying and deleting LDAP users via the GRAPH API. @@ -8547,17 +8626,16 @@ OCIS_LDAP_SERVER_WRITE_ENABLED: removalVersion: "" deprecationInfo: "" OCIS_LDAP_URI: - name: OCIS_LDAP_URI;GRAPH_LDAP_URI + name: OCIS_LDAP_URI;IDP_LDAP_URI defaultValue: ldaps://localhost:9235 type: string - description: URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' - and 'ldap://' + description: Url of the LDAP service to use as IDP. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_BASE_DN: - name: OCIS_LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN + name: OCIS_LDAP_USER_BASE_DN;IDP_LDAP_BASE_DN defaultValue: ou=users,o=libregraph-idm type: string description: Search base DN for looking up LDAP users. @@ -8566,7 +8644,7 @@ OCIS_LDAP_USER_BASE_DN: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_ENABLED_ATTRIBUTE: - name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;GRAPH_USER_ENABLED_ATTRIBUTE + name: OCIS_LDAP_USER_ENABLED_ATTRIBUTE;IDP_USER_ENABLED_ATTRIBUTE defaultValue: ownCloudUserEnabled type: string description: LDAP Attribute to use as a flag telling if the user is enabled or disabled. @@ -8575,7 +8653,7 @@ OCIS_LDAP_USER_ENABLED_ATTRIBUTE: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_FILTER: - name: OCIS_LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER + name: OCIS_LDAP_USER_FILTER;IDP_LDAP_FILTER defaultValue: "" type: string description: LDAP filter to add to the default filters for user search like '(objectclass=ownCloud)'. @@ -8584,11 +8662,10 @@ OCIS_LDAP_USER_FILTER: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_OBJECTCLASS: - name: OCIS_LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS + name: OCIS_LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS defaultValue: inetOrgPerson type: string - description: The object class to use for users in the default user search filter - ('inetOrgPerson'). + description: LDAP User ObjectClass like 'inetOrgPerson'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -8602,13 +8679,13 @@ OCIS_LDAP_USER_SCHEMA_DISPLAYNAME: deprecationVersion: "" removalVersion: "" deprecationInfo: LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | | | | | - LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency + LDAP_USER_SCHEMA_DISPLAY_NAME changing name for consistency | | | | LDAP_USER_SCHEMA_DISPLAY_NAME + changing name for consistency OCIS_LDAP_USER_SCHEMA_ID: - name: OCIS_LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE - defaultValue: owncloudUUID + name: OCIS_LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE + defaultValue: ownCloudUUID type: string - description: LDAP Attribute to use as the unique ID for users. This should be a - stable globally unique ID like a UUID. + description: LDAP User UUID attribute like 'uid'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -8625,10 +8702,10 @@ OCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_MAIL: - name: OCIS_LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE + name: OCIS_LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE defaultValue: mail type: string - description: LDAP Attribute to use for the email address of users. + description: LDAP User email attribute like 'mail'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -8644,16 +8721,16 @@ OCIS_LDAP_USER_SCHEMA_USER_TYPE: removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCHEMA_USERNAME: - name: OCIS_LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE - defaultValue: uid + name: OCIS_LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE + defaultValue: displayName type: string - description: LDAP Attribute to use for username of users. + description: LDAP User name attribute like 'displayName'. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_LDAP_USER_SCOPE: - name: OCIS_LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE + name: OCIS_LDAP_USER_SCOPE;IDP_LDAP_SCOPE defaultValue: sub type: string description: LDAP search scope to use when looking up users. Supported scopes are @@ -8663,7 +8740,7 @@ OCIS_LDAP_USER_SCOPE: removalVersion: "" deprecationInfo: "" OCIS_LOG_COLOR: - name: OCIS_LOG_COLOR;STORAGE_USERS_LOG_COLOR + name: OCIS_LOG_COLOR;IDM_LOG_COLOR defaultValue: "false" type: bool description: Activates colorized log output. @@ -8672,7 +8749,7 @@ OCIS_LOG_COLOR: removalVersion: "" deprecationInfo: "" OCIS_LOG_FILE: - name: OCIS_LOG_FILE;STORAGE_USERS_LOG_FILE + name: OCIS_LOG_FILE;IDM_LOG_FILE defaultValue: "" type: string description: The path to the log file. Activates logging to this file if set. @@ -8681,7 +8758,7 @@ OCIS_LOG_FILE: removalVersion: "" deprecationInfo: "" OCIS_LOG_LEVEL: - name: OCIS_LOG_LEVEL;STORAGE_USERS_LOG_LEVEL + name: OCIS_LOG_LEVEL;IDM_LOG_LEVEL defaultValue: "" type: string description: 'The log level. Valid values are: ''panic'', ''fatal'', ''error'', @@ -8691,7 +8768,7 @@ OCIS_LOG_LEVEL: removalVersion: "" deprecationInfo: "" OCIS_LOG_PRETTY: - name: OCIS_LOG_PRETTY;STORAGE_USERS_LOG_PRETTY + name: OCIS_LOG_PRETTY;IDM_LOG_PRETTY defaultValue: "false" type: bool description: Activates pretty log output. @@ -8700,23 +8777,23 @@ OCIS_LOG_PRETTY: removalVersion: "" deprecationInfo: "" OCIS_MACHINE_AUTH_API_KEY: - name: OCIS_MACHINE_AUTH_API_KEY;STORAGE_USERS_MACHINE_AUTH_API_KEY + name: OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY defaultValue: "" type: string - description: Machine auth API key used to validate internal requests necessary for - the access to resources from other services. - introductionVersion: "5.0" + description: Machine auth API key used to validate internal requests necessary to + access resources from other services. + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_MAX_CONCURRENCY: - name: OCIS_MAX_CONCURRENCY;STORAGE_USERS_S3NG_MAX_CONCURRENCY - defaultValue: "5" + name: OCIS_MAX_CONCURRENCY;USERLOG_MAX_CONCURRENCY + defaultValue: "1" type: int description: Maximum number of concurrent go-routines. Higher values can potentially get work done faster but will also cause more load on the system. Values of 0 - or below will be ignored and the default value of 100 will be used. - introductionVersion: pre5.0 + or below will be ignored and the default value will be used. + introductionVersion: 7.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8741,7 +8818,7 @@ OCIS_OIDC_ISSUER: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: - name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST + name: OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST;FRONTEND_PASSWORD_POLICY_BANNED_PASSWORDS_LIST defaultValue: "" type: string description: Path to the 'banned passwords list' file. This only impacts public @@ -8751,7 +8828,7 @@ OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_DISABLED: - name: OCIS_PASSWORD_POLICY_DISABLED;SHARING_PASSWORD_POLICY_DISABLED + name: OCIS_PASSWORD_POLICY_DISABLED;FRONTEND_PASSWORD_POLICY_DISABLED defaultValue: "false" type: bool description: Disable the password policy. Defaults to false if not set. @@ -8760,7 +8837,7 @@ OCIS_PASSWORD_POLICY_DISABLED: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS defaultValue: "8" type: int description: Define the minimum password length. Defaults to 8 if not set. @@ -8769,7 +8846,7 @@ OCIS_PASSWORD_POLICY_MIN_CHARACTERS: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_DIGITS: - name: OCIS_PASSWORD_POLICY_MIN_DIGITS;SHARING_PASSWORD_POLICY_MIN_DIGITS + name: OCIS_PASSWORD_POLICY_MIN_DIGITS;FRONTEND_PASSWORD_POLICY_MIN_DIGITS defaultValue: "1" type: int description: Define the minimum number of digits. Defaults to 1 if not set. @@ -8778,7 +8855,7 @@ OCIS_PASSWORD_POLICY_MIN_DIGITS: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of uppercase letters. Defaults to 1 if not @@ -8788,7 +8865,7 @@ OCIS_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of characters from the special characters @@ -8798,7 +8875,7 @@ OCIS_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS: removalVersion: "" deprecationInfo: "" OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: - name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS + name: OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS;FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS defaultValue: "1" type: int description: Define the minimum number of lowercase letters. Defaults to 1 if not @@ -8808,54 +8885,54 @@ OCIS_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS: removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE: - name: OCIS_PERSISTENT_STORE;EVENTHISTORY_STORE + name: OCIS_PERSISTENT_STORE;COLLABORATION_STORE defaultValue: nats-js-kv type: string description: 'The type of the store. Supported values are: ''memory'', ''nats-js-kv'', ''redis-sentinel'', ''noop''. See the text description for details.' - introductionVersion: pre5.0 + introductionVersion: 7.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_AUTH_PASSWORD: - name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;EVENTHISTORY_STORE_AUTH_PASSWORD + name: OCIS_PERSISTENT_STORE_AUTH_PASSWORD;COLLABORATION_STORE_AUTH_PASSWORD defaultValue: "" type: string description: The password to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. - introductionVersion: "5.0" + introductionVersion: 7.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_AUTH_USERNAME: - name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;EVENTHISTORY_STORE_AUTH_USERNAME + name: OCIS_PERSISTENT_STORE_AUTH_USERNAME;COLLABORATION_STORE_AUTH_USERNAME defaultValue: "" type: string description: The username to authenticate with the store. Only applies when store type 'nats-js-kv' is configured. - introductionVersion: "5.0" + introductionVersion: 7.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_NODES: - name: OCIS_PERSISTENT_STORE_NODES;EVENTHISTORY_STORE_NODES + name: OCIS_PERSISTENT_STORE_NODES;COLLABORATION_STORE_NODES defaultValue: '[127.0.0.1:9233]' type: '[]string' description: A list of nodes to access the configured store. This has no effect when 'memory' store is configured. Note that the behaviour how nodes are used is dependent on the library of the configured store. See the Environment Variable Types description for more details. - introductionVersion: pre5.0 + introductionVersion: 7.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_PERSISTENT_STORE_TTL: - name: OCIS_PERSISTENT_STORE_TTL;EVENTHISTORY_STORE_TTL - defaultValue: 336h0m0s + name: OCIS_PERSISTENT_STORE_TTL;COLLABORATION_STORE_TTL + defaultValue: 30m0s type: Duration - description: Time to live for events in the store. Defaults to '336h' (2 weeks). + description: Time to live for events in the store. Defaults to '30m' (30 minutes). See the Environment Variable Types description for more details. - introductionVersion: pre5.0 + introductionVersion: 7.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8872,8 +8949,8 @@ OCIS_REVA_GATEWAY: name: OCIS_REVA_GATEWAY defaultValue: com.owncloud.api.gateway type: string - description: The CS3 gateway endpoint. - introductionVersion: pre5.0 + description: CS3 gateway used to look up user metadata. + introductionVersion: 6.0.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" @@ -8900,7 +8977,7 @@ OCIS_REVA_GATEWAY_TLS_MODE: removalVersion: "" deprecationInfo: "" OCIS_SERVICE_ACCOUNT_ID: - name: OCIS_SERVICE_ACCOUNT_ID;STORAGE_USERS_SERVICE_ACCOUNT_ID + name: OCIS_SERVICE_ACCOUNT_ID;USERLOG_SERVICE_ACCOUNT_ID defaultValue: "" type: string description: The ID of the service account the service should use. See the 'auth-service' @@ -8910,7 +8987,7 @@ OCIS_SERVICE_ACCOUNT_ID: removalVersion: "" deprecationInfo: "" OCIS_SERVICE_ACCOUNT_SECRET: - name: OCIS_SERVICE_ACCOUNT_SECRET;STORAGE_USERS_SERVICE_ACCOUNT_SECRET + name: OCIS_SERVICE_ACCOUNT_SECRET;USERLOG_SERVICE_ACCOUNT_SECRET defaultValue: "" type: string description: The service account secret. @@ -8919,29 +8996,29 @@ OCIS_SERVICE_ACCOUNT_SECRET: removalVersion: "" deprecationInfo: "" OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD: - name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD + name: OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD defaultValue: "true" type: bool description: Set this to true if you want to enforce passwords on all public shares. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" - deprecationInfo: 'FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated - | | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | ' + deprecationInfo: FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated + | | FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | | | + FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD: - name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD + name: OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD defaultValue: "false" type: bool - description: Set this to true if you want to enforce passwords on Uploader, Editor - or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, - you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD (deprecated) - in the frontend service. + description: Set this to true if you want to enforce passwords for writable shares. + Only effective if the setting for 'passwords on all public shares' is set to false. introductionVersion: "5.0" deprecationVersion: "" removalVersion: "" - deprecationInfo: 'FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS + deprecationInfo: FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, the OCS API is deprecated | | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, - the OCS API is deprecated | ' + the OCS API is deprecated | | | FRONTEND_OCS_PUBLIC_WRITABLE_SHARE_MUST_HAVE_PASSWORD, + the OCS API is deprecated OCIS_SHOW_USER_EMAIL_IN_RESULTS: name: OCIS_SHOW_USER_EMAIL_IN_RESULTS defaultValue: "false" @@ -8954,18 +9031,17 @@ OCIS_SHOW_USER_EMAIL_IN_RESULTS: removalVersion: "" deprecationInfo: "" OCIS_SPACES_MAX_QUOTA: - name: OCIS_SPACES_MAX_QUOTA;STORAGE_USERS_OCIS_MAX_QUOTA + name: OCIS_SPACES_MAX_QUOTA;FRONTEND_MAX_QUOTA defaultValue: "0" type: uint64 - description: Set a global max quota for spaces in bytes. A value of 0 equals unlimited. - If not using the global OCIS_SPACES_MAX_QUOTA, you must define the FRONTEND_MAX_QUOTA - in the frontend service. + description: Set the global max quota value in bytes. A value of 0 equals unlimited. + The value is provided via capabilities. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_API_KEY: - name: OCIS_SYSTEM_USER_API_KEY;SHARING_PUBLIC_CS3_SYSTEM_USER_API_KEY + name: OCIS_SYSTEM_USER_API_KEY defaultValue: "" type: string description: API key for the STORAGE-SYSTEM system user. @@ -8974,7 +9050,7 @@ OCIS_SYSTEM_USER_API_KEY: removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_ID: - name: OCIS_SYSTEM_USER_ID;SHARING_PUBLIC_CS3_SYSTEM_USER_ID + name: OCIS_SYSTEM_USER_ID;SETTINGS_SYSTEM_USER_ID defaultValue: "" type: string description: ID of the oCIS STORAGE-SYSTEM system user. Admins need to set the ID @@ -8986,7 +9062,7 @@ OCIS_SYSTEM_USER_ID: removalVersion: "" deprecationInfo: "" OCIS_SYSTEM_USER_IDP: - name: OCIS_SYSTEM_USER_IDP;SHARING_PUBLIC_CS3_SYSTEM_USER_IDP + name: OCIS_SYSTEM_USER_IDP;SETTINGS_SYSTEM_USER_IDP defaultValue: internal type: string description: IDP of the oCIS STORAGE-SYSTEM system user. @@ -8995,7 +9071,7 @@ OCIS_SYSTEM_USER_IDP: removalVersion: "" deprecationInfo: "" OCIS_TRACING_COLLECTOR: - name: OCIS_TRACING_COLLECTOR;STORAGE_USERS_TRACING_COLLECTOR + name: OCIS_TRACING_COLLECTOR;IDM_TRACING_COLLECTOR defaultValue: "" type: string description: The HTTP endpoint for sending spans directly to a collector, i.e. http://jaeger-collector:14268/api/traces. @@ -9005,7 +9081,7 @@ OCIS_TRACING_COLLECTOR: removalVersion: "" deprecationInfo: "" OCIS_TRACING_ENABLED: - name: OCIS_TRACING_ENABLED;STORAGE_USERS_TRACING_ENABLED + name: OCIS_TRACING_ENABLED;IDM_TRACING_ENABLED defaultValue: "false" type: bool description: Activates tracing. @@ -9014,7 +9090,7 @@ OCIS_TRACING_ENABLED: removalVersion: "" deprecationInfo: "" OCIS_TRACING_ENDPOINT: - name: OCIS_TRACING_ENDPOINT;STORAGE_USERS_TRACING_ENDPOINT + name: OCIS_TRACING_ENDPOINT;IDM_TRACING_ENDPOINT defaultValue: "" type: string description: The endpoint of the tracing agent. @@ -9023,7 +9099,7 @@ OCIS_TRACING_ENDPOINT: removalVersion: "" deprecationInfo: "" OCIS_TRACING_TYPE: - name: OCIS_TRACING_TYPE;STORAGE_USERS_TRACING_TYPE + name: OCIS_TRACING_TYPE;IDM_TRACING_TYPE defaultValue: "" type: string description: The type of tracing. Defaults to '', which is the same as 'jaeger'. @@ -9036,27 +9112,27 @@ OCIS_TRANSFER_SECRET: name: OCIS_TRANSFER_SECRET defaultValue: "" type: string - description: The storage transfer secret. + description: Transfer secret for signing file up- and download requests. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_TRANSLATION_PATH: - name: OCIS_TRANSLATION_PATH;GRAPH_TRANSLATION_PATH + name: OCIS_TRANSLATION_PATH;USERLOG_TRANSLATION_PATH defaultValue: "" type: string description: (optional) Set this to a path with custom translations to overwrite the builtin translations. Note that file and folder naming rules apply, see the documentation for more details. - introductionVersion: 7.0.0 + introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" deprecationInfo: "" OCIS_URL: - name: OCIS_URL;OCDAV_PUBLIC_URL + name: OCIS_URL;OCIS_OIDC_ISSUER defaultValue: https://localhost:9200 type: string - description: URL where oCIS is reachable for users. + description: The OIDC issuer URL to assign to the demo users. introductionVersion: pre5.0 deprecationVersion: "" removalVersion: "" @@ -11665,6 +11741,17 @@ SETTINGS_TRACING_TYPE: deprecationVersion: "" removalVersion: "" deprecationInfo: "" +SETTINGS_TRANSLATION_PATH: + name: OCIS_TRANSLATION_PATH;SETTINGS_TRANSLATION_PATH + defaultValue: "" + type: string + description: (optional) Set this to a path with custom translations to overwrite + the builtin translations. Note that file and folder naming rules apply, see the + documentation for more details. + introductionVersion: "7.1" + deprecationVersion: "" + removalVersion: "" + deprecationInfo: "" SHARING_DEBUG_ADDR: name: SHARING_DEBUG_ADDR defaultValue: 127.0.0.1:9151 @@ -14178,7 +14265,8 @@ STORAGE_USERS_S3NG_PUT_OBJECT_PART_SIZE: name: STORAGE_USERS_S3NG_PUT_OBJECT_PART_SIZE defaultValue: "0" type: uint64 - description: Part size for concurrent uploads to S3. + description: Part size for concurrent uploads to S3. If no value or 0 is set, the + library's default value of 16MB is used. The value range is min 5MB and max 5GB. introductionVersion: "5.0" deprecationVersion: "" removalVersion: ""